README

$Id$
VOIP ACCOUNTING WITH CISCO VSA
INTRODUCTION
Cisco VoIP gateways can use radius accounting to log call records,
however FreeRadius in it's default configuration is not very well
suited to the job as the default database config is designed with
standard dial-up ISP Authentication and Post billing in mind.
The typical configuration on FreeRadius with a MySQL backend will
not handle the load of accounting for multiple Cisco gateways
under full utilisation.
The default database config also thows away all non-standard
RADIUS attributes which infact contains alot of highly useful
information pertinent to VoIP.
The good news is that with a few modifications to the configuration
files and the use of Postgresql (or another heavy duty SQL server)
insead of MySQL FreeRadius can be made into a reliable, flexible
and scalable (and free!) billing solution for VoIP providors.
MySQL cannot be used as the configuration relies on the connect and
disconnect time as reported by the Cisco gatways (Cisco VSA
attributes "h323-connect-time" and "h323-disconnect-time") and
MySQL limited date handling does not recognise full Cisco date
stamps time as a valid "datetime". (While Oracle and possibly some
other high end DBs should support Cisco time format they have not
been tested at this time). MySQL could possibly be supported in
future but it would require extra pre-processing by a FreeRADIUS
module to do so and there is no plan currently to impliment this,
although working code that impliments this would be happily accepted.
This reliance on VSA records REQUIRES that all cisco devices be
configured to send VSA attributes. This system is not known to work
with any non-cisco equipment, although it is theoretically possible
for non-cisco equipment to impliment Cisco VSA attributes...
This is required as the default FreeRadius SQL configuration (where
RADIUS "Start" records are INSERTed into the database, and then
UPDATEd with information from the associated "Stop" record) does not
scale as well as this solution which strictly uses INSERTs. As call
start and stop times are not contained in "standard" radius
attributes (They are added/updated by FreeRadius when the record is
logged in the default configuration.)
This REQUIRES all equipment be kept is timesync with the use on NTP
otherwise similtaneous records from different gateways may have
differing timestamps.
CONFIGURATION
* Install and configure FreeRadius as appropriate for your system.
* Test that FreeRadius is recieving accounting records from your
gateway. Do not proceed until you are certain this is working.
* Configure all the NASes to send VSA attributes. On older Ciscos
use one of the following commands (depending if you are using
SIP or H323):
"gw-accounting h323 vsa"
"gw-accounting sip vsa"
On Ciscos with newer versions of IOS need both of the following commands:
"gw-accounting aaa"
"radius-server vsa send"
* Create a Database to hold your billing records. ie:
"createdb radius"
* Import the SQL schema to your database. ie:
"psql radius < cisco_h323_db_schema-postgres.sql"
* In /etc/raddb/radiusd.conf set "with_cisco_vsa_hack = yes"
* In /etc/raddb/radiusd.conf add "$INCLUDE ${confdir}/pgsql-voip.conf"
(You can find the correct section by searching for "sql.conf")
* In /etc/raddb/radiusd.conf add "pgsql-voip" to the "accounting { }" section.
* (re)Start radiusd
If you wish to do RADIUS SQL Authentication using the same database, you
must use src/modules/rlm_sql/drivers/rlm_sql_postgresql/db_postgresql.sql
as well as this schema. This is left as an excercise for the reader.
-- Peter Nixon [ codemonkey@peternixon.net ]